Skip to content
@RhinoSecurityLabs

Rhino Security Labs

A boutique penetration testing and security assessment firm in Seattle, WA.

Pinned

  1. pacu Public

    The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

    Python 3.1k 557

  2. cloudgoat Public

    CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

    Python 1.7k 396

  3. CVEs Public

    A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

    Python 612 199

  4. AWS-IAM-Privilege-Escalation Public

    A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.

    821 106

  5. IPRotate_Burp_Extension Public

    Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

    Python 630 123

  6. ccat Public

    Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

    Python 424 82

Repositories

  • pacu Public

    The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

    Python 3,064 BSD-3-Clause 557 25 9 Updated Oct 10, 2022
  • cloudgoat Public

    CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

    Python 1,745 BSD-3-Clause 396 19 (1 issue needs help) 4 Updated Oct 7, 2022
  • GCP-IAM-Privilege-Escalation Public

    A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

    Python 212 BSD-3-Clause 60 5 2 Updated Jul 29, 2022
  • CVEs Public

    A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

    Python 612 BSD-3-Clause 199 0 0 Updated May 26, 2022
  • CloudScraper Public

    CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

    Python 14 MIT 92 0 1 Updated Mar 7, 2022
  • little-stitch Public

    Send and receive bypassing Little Snitch alerting.

    Go 7 1 0 0 Updated Jan 27, 2022
  • amazon-ssm-agent Public

    Fork of amazon-ssm-agent that can run as any user in parallel with the official service.

    Go 3 Apache-2.0 299 0 0 Updated Dec 3, 2021
  • dsnap Public

    Utility for downloading and mounting EBS snapshots using the EBS Direct API's

    Python 41 BSD-3-Clause 9 2 0 Updated Jul 17, 2021
  • Security-Research Public

    Exploits written by the Rhino Security Labs team

    Python 956 BSD-3-Clause 292 8 3 Updated Jan 23, 2021
  • GCPBucketBrute Public

    A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

    Python 337 71 5 2 Updated Dec 15, 2020
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…